Kbase P132430: Using UNIX authentication in Progress
| Autor |
Progress Software Corporation - Progress |
| Acesso |
Público |
| Publicação |
6/17/2008 |
|
Status: Unverified
GOAL:
Using UNIX authentication in Progress
GOAL:
Using Linux authentication in OpenEdge
GOAL:
Using UNIX User and Password to login to OpenEdge Database
FACT(s) (Environment):
UNIX
Progress/OpenEdge Versions
FIX:
Before thinking about how to take advantage of UNIX authentication for a Progress/OpenEdge session you must start to think about the configuration and isolation of the database and what you are really looking to accomplish.
If a database is only accessible from within a closed network or from the host machine itself and you're thinking you'd like to automate the login process for your users without storing a password anywhere on the system you're really not interested in authentication as much as you are interested in identification.
In such a case there is no need for a password since the user has already supplied it for his UNIX authentication. If your application uses userId for identification, auditing, reporting logic or other then the userId can be had, in most *NIX systems, using the 'whoami' function.
If your database and/or application is accessible outside the host machine or the network, and you still want to automate the login process from a trusted authentication system such as the *NIX login then you may need to employ some external tool to supply the user's credentials.
Starting in OpenEdge 10.1A new security features were introduced which allow application vendors to specify trusted authentication sources as modules accessible by the application. This generally requires additional coding on the part of the vendor but more often than not provides a layer of security not previously available to a Progress application.
For more information on using the new OpenEdge security features go to www.psdn.com and search for security. There are a number of whitepapers on the subject.